from django.http import HttpResponseForbidden
from django.template.loader import render_to_string
from django.views.decorators.csrf import requires_csrf_token

@requires_csrf_token
def csrf_failure(request, reason=""):
    """
    自定义CSRF验证失败视图
    """
    context = {
        'reason': reason,
        'request_path': request.path,
    }
    return HttpResponseForbidden(
        render_to_string('403_csrf.html', context),
        content_type='text/html'
    )
